<?php
include "config.php";
$action = $_GET['action'];
if (file_exists("install.php"))
{
	echo('If you have not yet installed QuickPage, click <a href="install.php">here</a>. If you already installed QuickPage, delete install.php and this script will run.');
}
else
{
switch ($action)
{
	case "create":
	create();
	break;
	case "delete":
	delete();
	break;
	default:
	mainpage();
	break;
};
};
function mainpage()
{
	include "config.php";
	echo '
	
	<html>
	<head>
	<script type="text/javascript" src="ckeditor.js"></script>
	<title>' . 
	$sitename . ' - Create a Page
	</title>
	<body>
	<center>
	<font size="7">' . 
	$sitename . ' - Create a Page
	</font>
	<br>
	<font color="#FF0000">
	<i>PAGES ARE NOT EDITABLE ONCE PUBLISHED</i></font>
	<br>There are currently <b>';
	$connect = mysql_connect($mysql_host,$mysql_user,$mysql_pass) or die(mysql_error());
	mysql_select_db($mysql_db) or die(mysql_error());
	$query = "SELECT * FROM `pages`";
	$result = mysql_query($query) or die(mysql_error());
	$rows = mysql_num_rows($result);
	echo $rows;
	echo '</b> pages in our database.<br>
	To see a page, click <a href="showpage.php?pageid=">here</a>.
	</center>
	<br><br>
	<form action="index.php?action=create" method="post">
	HTML CONTENT: <textarea name="Content" cols="100" id="Content" rows="30">Enter your html data here...</textarea>
	<script type="text/javascript">
    CKEDITOR.replace("Content");
    </script>
	<br>
	<input type="submit" >
	</form>
	</body>
	</html>
	
	';
};

function create()
{
	include "config.php";
	$content = $_POST['Content'];
	$connect = mysql_connect($mysql_host,$mysql_user,$mysql_pass) or die("Connection Failed.");
	mysql_select_db($mysql_db);
	
	if ($content == "")
	{
		echo "You must enter at least one character to publish a page.";
	}
	else
	{
	$query = "insert into pages(Page_ID,Content) values('0','".mysql_real_escape_string($content)."')";
	mysql_query($query) or die(mysql_error());
	
	$querynum = "SELECT * FROM pages ORDER BY Page_ID DESC LIMIT 1";
	$result = mysql_query($querynum) or die(mysql_error());
	$rownum = mysql_fetch_array($result);
	echo 'Your page was successfully created! Your URL is: <a href="' . $sitebase . 'showpage.php?pageid=' . $rownum['Page_ID'] . '">' . $sitebase . 'showpage.php?pageid=' . $rownum['Page_ID'] . '</a>. DO NOT forget your page ID.';
	}
};

/* DELETE FUNCTION COMMENTED OUT FOR SECURITY PURPOSES. IF YOU WOULD LIKE TO ENABLE, DECOMMENT THIS SECTION

function delete()
{
	$verify = $_GET['verify'];
	if ($verify=="laptop")
	{
		$p=$_GET['p'];
		if ($p == "")
		{
			mainpage();
		}
		else
		{
		$connect = mysql_connect($mysql_host,$mysql_user,$mysql_pass) or die("Connection Failed.");
		mysql_select_db($mysql_db);
		$query = "DELETE FROM pages WHERE Page_ID = $p";
		mysql_query($query) or die(mysql_error());
		echo "Page successfully deleted.";
		}
	}
	else
	{
		mainpage();
	};
};
?>
*/